Our selection of information security alerts and advisories.
Sources: US Cert, Cert EU, Cert FR, Cnil, VulDB.

Keycloak Java Process temp file [CVE-2021-20202]

A vulnerability was found in Keycloak (unknown version). It has been rated as critical. This issue affects an unknown code block of the component Java Process Handler. There is no information about possible countermeasures known. It may be...
Author: VulDB

Samba up to 4.12.13/4.13.6/4.14.1 Domain Name out-of-bounds read

A vulnerability was found in Samba up to 4.12.13/4.13.6/4.14.1 (File Transfer Software). It has been declared as problematic. This vulnerability affects an unknown code of the component Domain Name Handler. Upgrading to version 4.12.14, 4.13.7 or...
Author: VulDB

Siemens SIMATIC NET CP 343-1 Service Port 102 resource consumption

A vulnerability was found in Siemens SIMATIC NET CP 343-1 Advanced, SIMATIC NET CP 343-1 Lean and SIMATIC NET CP 343-1 (SCADA Software) (the affected version unknown). It has been classified as problematic. This affects an unknown part of the...
Author: VulDB

Foreman Shellhooks Plugin authorization [CVE-2021-3457]

A vulnerability was found in Foreman (Service Management Software) (affected version not known) and classified as critical. Affected by this issue is some unknown functionality of the component Shellhooks Plugin. There is no information about...
Author: VulDB

SmartStoreNET up to 4.1.1 Forum Post _ForumPost.cshtml cross site scripting

A vulnerability has been found in SmartStoreNET up to 4.1.1 and classified as problematic. Affected by this vulnerability is an unknown functionality of the file Views/Boards/Partials/_ForumPost.cshtml of the component Forum Post Handler....
Author: VulDB

SmartStoreNET up to 4.1.1 Private Message View.cshtml cross site scripting

A vulnerability, which was classified as problematic, was found in SmartStoreNET up to 4.1.1. Affected is an unknown function of the file Views/PrivateMessages/View.cshtml of the component Private Message Handler. Applying a patch is able to...
Author: VulDB

Siemens SIMATIC HMI Comfort Outdoor Panels up to 16 Update 3 Device Layout out-of-bounds write

A vulnerability, which was classified as critical, has been found in Siemens SIMATIC HMI Comfort Outdoor Panels, SIMATIC HMI Comfort Panels, SIMATIC HMI KTP Mobile Panels and SIMATIC Wincc Runtime Advanced up to 16 Update 3 (SCADA Software). This...
Author: VulDB

Siemens SCALANCE XM-400/SCALANCE XR-500 up to 6.3 OSPF Protocol calculation

A vulnerability classified as critical was found in Siemens SCALANCE XM-400 and SCALANCE XR-500 up to 6.3. This vulnerability affects an unknown code block of the component OSPF Protocol Handler. Upgrading to version 6.4 eliminates this...
Author: VulDB

Golo Laravel Theme 1.1.5 unrestricted upload [CVE-2020-23790]

A vulnerability classified as critical has been found in Golo Laravel Theme 1.1.5. This affects an unknown code. There is no information about possible countermeasures known. It may be suggested to replace the affected object with an alternative...
Author: VulDB

Siemens SIMATIC HMI Comfort Panels SNMP Service out-of-bounds write

A vulnerability was found in Siemens SIMATIC HMI Comfort Panels and SIMATIC HMI KTP Mobile Panels (SCADA Software) (affected version not known). It has been rated as critical. Affected by this issue is an unknown part of the component SNMP...
Author: VulDB

Wind River VxWorks 7 calloc memory corruption

A vulnerability was found in Wind River VxWorks 7. It has been declared as critical. Affected by this vulnerability is the function calloc. There is no information about possible countermeasures known. It may be suggested to replace the affected...
Author: VulDB

Siemens SIMATIC HMI Comfort Outdoor Panels SmartVNC Device Layout resource consumption

A vulnerability was found in Siemens SIMATIC HMI Comfort Outdoor Panels, SIMATIC HMI Comfort Panels, SIMATIC HMI KTP Mobile Panels and SIMATIC Wincc Runtime (SCADA Software) (version unknown). It has been classified as problematic. Affected is an...
Author: VulDB

Knowage Suite 7.3 update surname cross site scripting

A vulnerability was found in Knowage Suite 7.3 and classified as problematic. This issue affects an unknown function of the file /knowage/restful-services/signup/update. There is no information about possible countermeasures known. It may be...
Author: VulDB

Knowage Suite 7.3 Template update name injection

A vulnerability has been found in Knowage Suite 7.3 and classified as critical. This vulnerability affects some unknown processing of the file /knowage/restful-services/signup/update of the component Template Handler. There is no information...
Author: VulDB

Codoforum up to 4.8 Topic.php get_topic_info sql injection

A vulnerability, which was classified as critical, was found in Codoforum up to 4.8 (Forum Software). This affects the function get_topic_info of the file sys/CODOF/Forum/Topic.php. Upgrading to version 4.9 eliminates this vulnerability.
Author: VulDB

McAfee Total Protection up to 16.0.31 Client Token privileges management

A vulnerability, which was classified as critical, has been found in McAfee Total Protection up to 16.0.31. Affected by this issue is an unknown code of the component Client Token Handler. Upgrading to version 16.0.32 eliminates this...
Author: VulDB

McAfee Total Protection up to 16.0.31 File Lock privileges management

A vulnerability classified as critical was found in McAfee Total Protection up to 16.0.31. Affected by this vulnerability is an unknown part of the component File Lock. Upgrading to version 16.0.32 eliminates this vulnerability.
Author: VulDB

hivex up to 1.3.19 Registry File hivex_open out-of-bounds read

A vulnerability classified as critical has been found in hivex up to 1.3.19. Affected is the function hivex_open of the component Registry File Handler. Upgrading to version 1.3.20 eliminates this vulnerability.
Author: VulDB

SolarWinds Serv-U up to 15.2.2 SenderEmail unknown vulnerability

A vulnerability was found in SolarWinds Serv-U up to 15.2.2 (File Transfer Software). It has been rated as problematic. Upgrading to version 15.2.3 eliminates this vulnerability. The upgrade is hosted for download at documentation.solarwinds.com.
Author: VulDB

ImageMagick up to 7.0.10 Signature TransformSignature information disclosure

A vulnerability was found in ImageMagick up to 7.0.10 (Image Processing Software). It has been declared as problematic. This vulnerability affects the function TransformSignature of the component Signature Handler. Upgrading to version 7.0.11...
Author: VulDB

McAfee Endpoint Security on Linux Installation toctou

A vulnerability was found in McAfee Endpoint Security on Linux (the affected version unknown). It has been classified as critical. This affects some unknown processing of the component Installation. There is no information about possible...
Author: VulDB

ImageMagick 7.0.11 coders/thumbnail.c WriteTHUMBNAILImage integer overflow

A vulnerability was found in ImageMagick 7.0.11 (Image Processing Software) and classified as critical. Affected by this issue is the function WriteTHUMBNAILImage of the file coders/thumbnail.c. There is no information about possible...
Author: VulDB

ImageMagick up to 7.0.10 MagickCore/colorspace.c sRGBTransformImage divide by zero

A vulnerability has been found in ImageMagick up to 7.0.10 (Image Processing Software) and classified as problematic. Affected by this vulnerability is the function sRGBTransformImage of the file MagickCore/colorspace.c. Upgrading to version...
Author: VulDB

ImageMagick up to 7.0.10 MagickCore/colorspace.c ConvertXYZToJzazbz divide by zero

A vulnerability, which was classified as problematic, was found in ImageMagick up to 7.0.10 (Image Processing Software). Affected is the function ConvertXYZToJzazbz of the file MagickCore/colorspace.c. Upgrading to version 7.0.11 eliminates this...
Author: VulDB

ImageMagick up to 6.9.11/7.0.10 visual-effects.c WaveImage divide by zero

A vulnerability, which was classified as problematic, has been found in ImageMagick up to 6.9.11/7.0.10 (Image Processing Software). This issue affects the function WaveImage of the file MagickCore/visual-effects.c. Upgrading to version 6.9.12 or...
Author: VulDB